We’ve been having a hard time keeping up with events over the last few weeks. Every time we think the keystone cops from the Department of Homeland Security can’t come up with anything dumber to do, they prove us wrong. At this point we’re not sure who is most deserving of derision: (1) the would-be terrorist who tried but failed to explode his underpants, and succeeded only in burning his balls, (2) the goons the TSA sent to intimidate bloggers who tried to tell travelers what to expect when they got to the airport, and find out who had “leaked” the TSA’s secrets, but who left their own notebook of “secret” notes about their investigation of this and other cases behind in a public place, or (3) the TSA agents who felt so ill at the smell of honey they found in checked luggage that they checked themselves into a hospital and shut down the airport. It’s a tough call. Leave your votes, or other nominations, in the comments.

What’s most striking about the government’s response to this unsuccessful bombing attempt is the complete lack of any rational relationship between the actions that have been taken and are being proposed, any analysis of which of these and similar tactics did or did not contribute to the success or failure of the Christmas Day attack on Northwest Airlines flight 253, and any likelihood that they would make future attempts at terrorism less likely to succeed.

Now that the dust has settled a bit, perhaps it’s time to survey the security, security theater, surveillance, and travel control techniques at issue:

“Another 9/11?” No, that was never at risk. The force multiplier and the magnitude of the damage on 9/11 were the result of the use of airplanes as weapons, not the destruction of the planes themselves or the killing of the people on board. Largely as a result of the simplest and least intrusive of post-9/11 security measures — armored and locked cockpit doors — combined with the likelihood that passengers and/or flight attendants would stop any would-be terrorist before they could get to, much less through, the cockpit door, there was no risk of a 9/11 type attack using the airplane against a target on the ground in the latest incident. The would-be terrorist this time obviously knew that this wasn’t a possibility, was seated well back in the plane and in a window seat, and by all accounts made no attempt to move toward the cockpit.

Security by obscurity? No, this key element of the government’s aviation “security” program played no role in the success or failure of this attempted attack. We’ve seen no suggestion that the attempted bomber or any possible confederates had, or benefited from in any way, any of the information about security procedures that the government has been trying to keep secret, and has been (falsely) claiming would provide a “roadmap for terrorists”. Nor have we seen any suggestion that there was some information which remains secret but which, had the would-be terrorist(s) known it, would have helped them. The measures that were most effective (strengthening cockpit doors and keeping them closed and locked, routine screening that keeps large or metallic dangerous items off planes, and increasing the likelihood that passengers and flight attendants will intervene directly and without waiting for instructions if they see something that seems amiss) are all measures whose deterrent effect is greatly enhanced by having potential terrorists know about them. And the TSA continues to release more and more of its own purported “secrets“, even as it continues its witchhunt against anybody else who seeks to inform the traveling public about its practices.

“Stay in your seats”? Whatever for? Passengers on Northwest flight 253 should be, and have been, congratulated for having had the common sense and initiative not to wait for instructions before leaping to put out the fire. And prompt evacuation, on which airlines are tested regularly, can be essential for survival in an emergency on a plane. But the TSA’s first reaction to the latest events was to issue an order that during the final hour of each flight, passengers should stay in their seats, no matter what. (To add to the farce, it’s this directive specifying what all passengers be required to be told once they got on the plane that the TSA went after journalists and bloggers for telling those same travelers about.) Can anyone explain how the passengers on Flight 253 would have been better off if they had been given, or been sufficiently foolish or intimidated to obey, such an order to stay in their seats when the fire broke out?

“Focus on keeping bad people off planes, instead of keeping bad things off planes”? That’s been a mantra for the DHS, used to justify an ever-growing array of identity-based “screening” systems that are far more effective for surveillance and control than for security. But what kept the damage small in this case (in addition to the strengthened and locked cockpit door, which presents an equal barrier to any would-be terrorist regardless of identity) was the standard physical screening to which all passengers are subject. That limited the size and composition of the explosive device. Sure, there will always be technical advances in weaponry. But we have much more idea what a bomb looks like, and how to detect one, than what a potential terrorist looks like. Stopping bad people didn’t work. Stopping bad things (or limiting their size and composition) did. Is there any reason to expect that to change? The suspect in this case was on a “watch” list of half a million people. Sure, all of those names could have been put on the “no-fly” list. But are they all terrorists? We doubt it. Is there any evidence in the latest incident that the government now has a foolproof way to tell which of them is and which isn’t? We haven’t seen any, despite their experiments with mind reading machines. Does this list include everyone in the world who will ever attempt an act of terror? We doubt it. Can we count on would-be terrorists to use their own names? No. And how do these decisions get made, anyway? That brings us to…

Extrajudicial watchlisting/blacklisting? No, that didn’t work in this case. The DHS has insisted that no-fly decisions need to be made in secrecy, by a secret cadre of bureaucrat/spooks in secret rooms at the Terrorist Screening Center, relying on secret dossiers of “derogatory” information provided by other agencies, with no contact with the people for whose right to travel they are judge, jury, and executioner. Is there anything in the latest incident to suggest that they are doing a better job of decision-making than would Federal judges presented with motions for no-fly injunctions or restraining orders? Not that we’ve seen. Since the present system isn’t working, mightn’t it be time to actually give the judicial process — notice, hearing, evidence, adversary procedure, appellate review, and all that jazz — a try?

Profiling by national origin? Last month we learned that TSA procedures explicitly (and illegally) discriminated against travelers with passports from 12 specified countries. Faced with an attack by someone from a different country, did they admit that they could no more predict with certainty the nationality of the next attacker than predict with certainty their name? No, they haven’t responded to our discrimination complaint — they merely added a few more countries to the “enemies list”, and extended it to anyone who has traveled to those countries, regardless of citizenship. Only time will tell, since they won’t say, how long after visiting one of these countries the “taint” will remain.

Turning airline staff into immigration police? That didn’t do any good either. One of the long-arm, strong-arm tactics of the U.S. and some European and other countries has been to co-opt airlines into functioning as a front-line immigration posse, through administrative fines of $3000 per passenger against any airline that transports to the U.S. anyone who is for any reason denied entry on arrival. The fine for a single passenger can wipe out the profit from a full plane. As a result, airlines are economically compelled to scrutinize travel documents more skeptically than most real government officers. In the absence of meaningful accountability in places where few of the people denied boarding can afford to sue, airlines’ financial interest is almost always to err on the side of saying “no” to anyone they consider suspicious. (As a result, the greatest difficulty faced by many would-be asylum seekers is getting an airline to let them on a plane to a place of refuge.) KLM Royal Dutch Airlines (or their contractors), who checked in the man with the bomb in his underwear in Lagos and re-checked his documents in Amsterdam, surely would have turned him away — paid ticket in hand notwithstanding — if they had any reason to question his bona fides. They didn’t — and if there was nothing to arouse an airline with its suspicions against holders of passports from countries like Nigeria on continuous hair-trigger, is there any reason to expect a different outcome next time? If this whole system isn’t stopping would-be terrorists, but is stopping refugees and those seeking asylum from persecution and terrorists, might the lesson be that it’s time to get airline customer service and check-in staff out of the the law enforcement business, and turn that role back over to real police?

Making Canadians, Europeans, and people in the rest of the world do things the American way? The U.S. has already done plenty of that — at considerable cost in money,sovereignty, and civil liberties — but it doesn’t seem to have had any benefit in this case. After they’ve gone through standard screening either at the entrance to the transit area or at the airport from which they flew to Amsterdam, the U.S. already requires KLM and other airlines to put all passengers boarding flights to the U.S. through a second checkpoint between the transit area and the gate. Apparently the DHS doesn’t trust the standard Dutch and European screening to be strict enough to protect the U.S. homeland. But in this case, the secondary U.S.-mandated screening didn’t detect or stop anything more than the primary screening in Lagos. So much for the theory that the DHS knows how to do it better than anyone else in the world. Under the APIS regulations, either KLM or Northwest (KLM handles check-in for Northwest flights in Amsterdam, but they’ve stonewalled requests to disclose how they share passenger data with each other and the DHS) had to request and receive explicit per-passenger per-flight permission (“clearance”) before boarding each passenger, but apparently either the secret orders implementing that permisison rule haven’t yet been issued, or they actually received the required clearance. The same goes for flights that don’t even land in the U.S., if they pass through U.S. airspace — such as flights between Canada and Cuba. There’s already been intense controversy and lawsuits over these demands and impositions, both in Canada and in the EU. And the latest evidence suggest that these measures sacrifice freedom and privacy without any security benefit, and deserve to be rolled back rather than expanded the way the DHS wants.

“Confirm the president’s nominee for Administrator of the TSA”? Why should the Senate do that? Is there any reason to think he would have done things any better had he been confirmed earlier and if he had authority over international flights (which he doesn’t, as discussed below)? On the contrary, perhaps the latest events are cause to give closer scrutiny to the nominee, and maybe ask some serious questions. As one observer put it, “The ‘best and brightest’ the current administration could find to fill the top job at TSA with 60,000 employees is a man who has never headed a large organization; a man who personally rifled through confidential records of his estranged wife’s lover and then lied about it in testimony before Congress. That’s very sad.”

The TSA? No matter how easy and tempting it is to jeer at the TSA, they have little role in “securing” international flights from other countries to the U.S. The TSA behaved badly — spectacularly so — in the aftermath, but what happened on Flight 253 in the first place wasn’t their fault, and certainly isn’t any cause for giving them more money, toys, or authority. (The TSA isn’t even safe from its own. Maybe it’s poetic justice, but one of the latest incidents involved a TSA contract employee who was stealing, and selling, her colleagues’ identities!) The real issue is what should be done about the agency involved, Customs and Border Protection (CBP), and we can learn from the latest events about which of the “security” measures used by the CBP for international flights should (and which shouldn’t) be adopted by the TSA and applied to domestic flights as well. Which brings us to…

Secure Flight? The whole point of “Secure Flight” is for the TSA to adopt for domestic flights the individualized prior identity and reservation-based permission system being rolled out by CBP for international flights under the APIS rules. But if it did nothing in this case to prevent a terrorist attack on a flight for which it was in use, does that mean we should spend billions of dollars to extend it to domestic flights? Or that we should reconsider whether it’s a good idea for any flights — or an affront to our human rights?

“Whole-body imaging” or “body scanners”? No, there’s no reason to think that virtual strip-search machines would have had any effect on this attack. Indeed, if one were designing an attack to be effective in spite of universal deployment of virtual strip search machines, this is one of the ways you would try to hide the bombs components. Even if “detected” by the body scan, they probably wouldn’t have been found by anything short of an unlikely full prison-style strip search to distinguish them from innocuously padded clothing. In the U.S., codpieces for men are rare, but padded bras, mastectomy prostheses, and menstrual pads are common. So greater use of body imaging machines will mean not just that everyone is virtually stripped naked (as in this video) before the agents in the back room watching the screens and doing… whatever they are doing, we won’t know or be able to see… but that in addition, huge numbers of women with padding, prostheses, or menstrual pads that wouldn’t have set off a metal detector will have their breasts or crotches groped (nothing virtual about it at all) to see if what the scanner images show in their bras or against their genitals is really plastique. Does that make you feel safer? (No? Sign the petition or organize your own airport fleshmob.)

5 Responses to “Lessons from the case of the man who set his underpants on fire”

Of all comments and analysis I’ve read on the TSA reaction on the would-be underpants “attack” this is by far the most complete and well-thought.

I’ve been wondering a lot about this attack and there are a few things I don’t understand… Maybe it’s stupid, but if a terrorist really wants to cause a massacre, why does he get on a plane where there is a very high possibility to be caught, instead of doing it just at the airport? Do they *want* to get caught??

I think there is still much work to do and some more in-depth investigations to carry out.

Please! You insult the honorable on flight 93 over Pennsyvania, and who knows what really happened on the other flights on 9/11 If you object to the safety of others because of your own rather disturbing views of the role of safety officers, then don’t travel. It seems you don’t give a damn if others may get hurt or perish. And, what about the survivng widows and children, or parents. Their lives held in limbo until the remains are positiviley identified… And, we still don’t have all the truth on TWA flight 800.

Are there ANY airports, in the USA, (having scheduled service) which would allow this type of demonstration? I doubt it! In a major US airport these people would probably be “tazed;” cuffed, and booked as “terrorists.” Did anyone notice the Berlin cop standing directly next to one of the protestors? This is, also, a good commentary on the oppressive legacy our Puritan heritage has left us.

[…] way way, compared to having to carry out an attack over a network.) That just reconfirms that the TSA’s threat model is grossly deficient and that they aren’t really even trying to rein in the temptations (can you say, “naked […]

[…] naked by “whole body imaging” machines or “body scanners”, and then groped to determine whether what they see under your underwear is a padded bra, a mastectomy prosthesis, a menstrual pad, an adult diaper, … or plastic […]